Cleanup: Updated copyright comments
[Packages/TYPO3.CMS.git] / typo3 / sysext / perm / mod1 / class.sc_mod_web_perm_ajax.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2007-2011 mehrwert (typo3@mehrwert.de)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24 /**
25 * [CLASS/FUNCTION INDEX of SCRIPT]
26 *
27 *
28 *
29 * 66: class SC_mod_web_perm_ajax
30 *
31 * SECTION: Init method for this class
32 * 97: public function __construct()
33 *
34 * SECTION: Main dispatcher method
35 * 143: public function dispatch($params = array(), TYPO3AJAX &$ajaxObj = null)
36 *
37 * SECTION: Helpers for this script
38 * 259: private function renderUserSelector($page, $ownerUid, $username = '')
39 * 302: private function renderGroupSelector($page, $groupUid, $groupname = '')
40 * 350: private function renderOwnername($page, $ownerUid, $username)
41 * 363: private function renderGroupname($page, $groupUid, $groupname)
42 * 375: private function renderToggleEditLock($page, $editlockstate)
43 * 389: private function renderPermissions($int, $pageId = 0, $who = 'user')
44 *
45 * TOTAL FUNCTIONS: 8
46 * (This index is automatically created/updated by the extension "extdeveval")
47 *
48 */
49
50 $GLOBALS['LANG']->includeLLFile('EXT:lang/locallang_mod_web_perm.xml');
51
52 /**
53 * This class extends the permissions module in the TYPO3 Backend to provide
54 * convenient methods of editing of page permissions (including page ownership
55 * (user and group)) via new TYPO3AJAX facility
56 *
57 * @author Andreas Kundoch <typo3@mehrwert.de>
58 * @version $Id$
59 * @package TYPO3
60 * @subpackage core
61 * @license GPL
62 * @since TYPO3_4-2
63 */
64 class SC_mod_web_perm_ajax {
65
66 protected $conf = array(); // The local configuration array
67 protected $backPath = '../../../'; // TYPO3 Back Path
68
69 /********************************************
70 *
71 * Init method for this class
72 *
73 ********************************************/
74
75 /**
76 * The constructor of this class
77 *
78 * @return Void
79 */
80 public function __construct() {
81
82 // Configuration, variable assignment
83 $this->conf['page'] = t3lib_div::_POST('page');
84 $this->conf['who'] = t3lib_div::_POST('who');
85 $this->conf['mode'] = t3lib_div::_POST('mode');
86 $this->conf['bits'] = intval(t3lib_div::_POST('bits'));
87 $this->conf['permissions'] = intval(t3lib_div::_POST('permissions'));
88 $this->conf['action'] = t3lib_div::_POST('action');
89 $this->conf['ownerUid'] = intval(t3lib_div::_POST('ownerUid'));
90 $this->conf['username'] = t3lib_div::_POST('username');
91 $this->conf['groupUid'] = intval(t3lib_div::_POST('groupUid'));
92 $this->conf['groupname'] = t3lib_div::_POST('groupname');
93 $this->conf['editLockState'] = intval(t3lib_div::_POST('editLockState'));
94
95 // User: Replace some parts of the posted values
96 $this->conf['new_owner_uid'] = intval(t3lib_div::_POST('newOwnerUid'));
97 $temp_owner_data = t3lib_BEfunc::getUserNames(
98 'username, uid',
99 ' AND uid = ' . $this->conf['new_owner_uid']
100 );
101 $this->conf['new_owner_username'] = htmlspecialchars(
102 $temp_owner_data[$this->conf['new_owner_uid']]['username']
103 );
104
105 // Group: Replace some parts of the posted values
106 $this->conf['new_group_uid'] = intval(t3lib_div::_POST('newGroupUid'));
107 $temp_group_data = t3lib_BEfunc::getGroupNames(
108 'title,uid',
109 ' AND uid = ' . $this->conf['new_group_uid']
110 );
111 $this->conf['new_group_username'] = htmlspecialchars(
112 $temp_group_data[$this->conf['new_group_uid']]['title']
113 );
114
115 }
116
117 /********************************************
118 *
119 * Main dispatcher method
120 *
121 ********************************************/
122
123 /**
124 * The main dispatcher function. Collect data and prepare HTML output.
125 *
126 * @param array $params: array of parameters from the AJAX interface, currently unused
127 * @param TYPO3AJAX $ajaxObj: object of type TYPO3AJAX
128 * @return Void
129 */
130 public function dispatch($params = array(), TYPO3AJAX &$ajaxObj = null) {
131 $content = '';
132
133 // Basic test for required value
134 if ($this->conf['page'] > 0) {
135
136 // Init TCE for execution of update
137 $tce = t3lib_div::makeInstance('t3lib_TCEmain');
138 $tce->stripslashes_values = 1;
139
140 // Determine the scripts to execute
141 switch ($this->conf['action']) {
142
143 // Return the select to change the owner (BE user) of the page
144 case 'show_change_owner_selector':
145 $content = $this->renderUserSelector($this->conf['page'], $this->conf['ownerUid'], $this->conf['username']);
146 break;
147
148 // Change the owner and return the new owner HTML snippet
149 case 'change_owner':
150 if (is_int($this->conf['new_owner_uid'])) {
151 // Prepare data to change
152 $data = array();
153 $data['pages'][$this->conf['page']]['perms_userid'] = $this->conf['new_owner_uid'];
154
155 // Execute TCE Update
156 $tce->start($data, array());
157 $tce->process_datamap();
158 $content = $this->renderOwnername($this->conf['page'], $this->conf['new_owner_uid'], $this->conf['new_owner_username']);
159 } else {
160 $ajaxObj->setError('An error occured: No page owner uid specified.');
161 }
162 break;
163
164 // Return the select to change the group (BE group) of the page
165 case 'show_change_group_selector':
166 $content = $this->renderGroupSelector($this->conf['page'], $this->conf['groupUid'], $this->conf['groupname']);
167 break;
168
169 // Change the group and return the new group HTML snippet
170 case 'change_group':
171 if (is_int($this->conf['new_group_uid'])) {
172
173 // Prepare data to change
174 $data = array();
175 $data['pages'][$this->conf['page']]['perms_groupid'] = $this->conf['new_group_uid'];
176
177 // Execute TCE Update
178 $tce->start($data, array());
179 $tce->process_datamap();
180
181 $content = $this->renderGroupname($this->conf['page'], $this->conf['new_group_uid'], $this->conf['new_group_username']);
182 } else {
183 $ajaxObj->setError('An error occured: No page group uid specified.');
184 }
185 break;
186
187 // Change the group and return the new group HTML snippet
188 case 'toggle_edit_lock':
189
190 // Prepare data to change
191 $data = array();
192 $data['pages'][$this->conf['page']]['editlock'] = ($this->conf['editLockState'] === 1 ? 0 : 1);
193
194 // Execute TCE Update
195 $tce->start($data, array());
196 $tce->process_datamap();
197
198 $content = $this->renderToggleEditLock($this->conf['page'], $data['pages'][$this->conf['page']]['editlock']);
199 break;
200
201 // The script defaults to change permissions
202 default:
203 if ($this->conf['mode'] == 'delete') {
204 $this->conf['permissions'] = intval($this->conf['permissions'] - $this->conf['bits']);
205 } else {
206 $this->conf['permissions'] = intval($this->conf['permissions'] + $this->conf['bits']);
207 }
208
209 // Prepare data to change
210 $data = array();
211 $data['pages'][$this->conf['page']]['perms_'.$this->conf['who']] = $this->conf['permissions'];
212
213 // Execute TCE Update
214 $tce->start($data, array());
215 $tce->process_datamap();
216
217 $content = $this->renderPermissions($this->conf['permissions'], $this->conf['page'], $this->conf['who']);
218 }
219 } else {
220 $ajaxObj->setError('This script cannot be called directly.');
221 }
222 $ajaxObj->addContent($this->conf['page'].'_'.$this->conf['who'], $content);
223 }
224
225 /********************************************
226 *
227 * Helpers for this script
228 *
229 ********************************************/
230
231 /**
232 * Generate the user selector element
233 *
234 * @param Integer $page: The page id to change the user for
235 * @param Integer $ownerUid: The page owner uid
236 * @param String $username: The username to display
237 * @return String The html select element
238 */
239 protected function renderUserSelector($page, $ownerUid, $username = '') {
240
241 // Get usernames
242 $beUsers = t3lib_BEfunc::getUserNames();
243
244 // Init groupArray
245 $groups = array();
246
247 if (!$GLOBALS['BE_USER']->isAdmin()) {
248 $beUsers = t3lib_BEfunc::blindUserNames($beUsers, $groups, 1);
249 }
250
251 // Owner selector:
252 $options = '';
253
254 // Loop through the users
255 foreach ($beUsers as $uid => $row) {
256 $selected = ($uid == $ownerUid ? ' selected="selected"' : '');
257 $options .= '<option value="'.$uid.'"'.$selected.'>'.htmlspecialchars($row['username']).'</option>';
258 }
259
260 $elementId = 'o_'.$page;
261 $options = '<option value="0"></option>'.$options;
262 $selector = '<select name="new_page_owner" id="new_page_owner">'.$options.'</select>';
263 $saveButton = '<a onclick="WebPermissions.changeOwner('.$page.', '.$ownerUid.', \''.$elementId.'\');" title="Change owner">' . t3lib_iconWorks::getSpriteIcon('actions-document-save') . '</a>';
264 $cancelButton = '<a onclick="WebPermissions.restoreOwner('.$page.', '.$ownerUid.', \''.($username == '' ? '<span class=not_set>[not set]</span>' : htmlspecialchars($username)).'\', \''.$elementId.'\');" title="Cancel">' . t3lib_iconWorks::getSpriteIcon('actions-document-close') . '</a>';
265 $ret = $selector.$saveButton.$cancelButton;
266 return $ret;
267 }
268
269 /**
270 * Generate the group selector element
271 *
272 * @param Integer $page: The page id to change the user for
273 * @param Integer $groupUid: The page group uid
274 * @param String $username: The username to display
275 * @return String The html select element
276 */
277 protected function renderGroupSelector($page, $groupUid, $groupname = '') {
278
279 // Get usernames
280 $beGroups = t3lib_BEfunc::getListGroupNames('title,uid');
281 $beGroupKeys = array_keys($beGroups);
282 $beGroupsO = $beGroups = t3lib_BEfunc::getGroupNames();
283 if (!$GLOBALS['BE_USER']->isAdmin()) {
284 $beGroups = t3lib_BEfunc::blindGroupNames($beGroupsO, $beGroupKeys, 1);
285 }
286
287 // Group selector:
288 $options = '';
289
290 // flag: is set if the page-groupid equals one from the group-list
291 $userset = 0;
292
293 // Loop through the groups
294 foreach ($beGroups as $uid => $row) {
295 if ($uid == $groupUid) {
296 $userset = 1;
297 $selected = ' selected="selected"';
298 } else {
299 $selected = '';
300 }
301 $options .= '<option value="'.$uid.'"'.$selected.'>'.htmlspecialchars($row['title']).'</option>';
302 }
303
304 // If the group was not set AND there is a group for the page
305 if (!$userset && $groupUid) {
306 $options = '<option value="'.$groupUid.'" selected="selected">'.htmlspecialchars($beGroupsO[$groupUid]['title']).'</option>'.$options;
307 }
308
309 $elementId = 'g_'.$page;
310 $options = '<option value="0"></option>'.$options;
311 $selector = '<select name="new_page_group" id="new_page_group">'.$options.'</select>';
312 $saveButton = '<a onclick="WebPermissions.changeGroup('.$page.', '.$groupUid.', \''.$elementId.'\');" title="Change group">' . t3lib_iconWorks::getSpriteIcon('actions-document-save') . '</a>';
313 $cancelButton = '<a onclick="WebPermissions.restoreGroup('.$page.', '.$groupUid.', \''.($groupname == '' ? '<span class=not_set>[not set]</span>' : htmlspecialchars($groupname)).'\', \''.$elementId.'\');" title="Cancel">' . t3lib_iconWorks::getSpriteIcon('actions-document-close') . '</a>';
314 $ret = $selector.$saveButton.$cancelButton;
315 return $ret;
316 }
317
318
319 /**
320 * Print the string with the new owner of a page record
321 *
322 * @param Integer $page: The TYPO3 page id
323 * @param Integer $ownerUid: The new page user uid
324 * @param String $username: The TYPO3 BE username (used to display in the element)
325 * @param Boolean $validUser: Must be set to FALSE, if the user has no name or is deleted
326 * @return String The new group wrapped in HTML
327 */
328 public function renderOwnername($page, $ownerUid, $username, $validUser = true) {
329 $elementId = 'o_'.$page;
330 $ret = '<span id="' . $elementId . '"><a class="ug_selector" onclick="WebPermissions.showChangeOwnerSelector(' . $page . ', ' . $ownerUid . ', \'' . $elementId.'\', \'' . htmlspecialchars($username) . '\');">' . ($validUser ? ($username == '' ? ('<span class=not_set>['. $GLOBALS['LANG']->getLL('notSet') .']</span>') : htmlspecialchars(t3lib_div::fixed_lgd_cs($username, 20))) : ('<span class=not_set title="' . htmlspecialchars(t3lib_div::fixed_lgd_cs($username, 20)) . '">[' . $GLOBALS['LANG']->getLL('deleted') . ']</span>')) . '</a></span>';
331 return $ret;
332 }
333
334
335 /**
336 * Print the string with the new group of a page record
337 *
338 * @param Integer $page: The TYPO3 page id
339 * @param Integer $groupUid: The new page group uid
340 * @param String $groupname: The TYPO3 BE groupname (used to display in the element)
341 * @param Boolean $validGroup: Must be set to FALSE, if the group has no name or is deleted
342 * @return String The new group wrapped in HTML
343 */
344 public function renderGroupname($page, $groupUid, $groupname, $validGroup = true) {
345 $elementId = 'g_'.$page;
346 $ret = '<span id="'.$elementId . '"><a class="ug_selector" onclick="WebPermissions.showChangeGroupSelector(' . $page . ', ' . $groupUid . ', \'' . $elementId . '\', \'' . htmlspecialchars($groupname) . '\');">'. ($validGroup ? ($groupname == '' ? ('<span class=not_set>['. $GLOBALS['LANG']->getLL('notSet') .']</span>') : htmlspecialchars(t3lib_div::fixed_lgd_cs($groupname, 20))) : ('<span class=not_set title="' . htmlspecialchars(t3lib_div::fixed_lgd_cs($groupname, 20)) . '">[' . $GLOBALS['LANG']->getLL('deleted') . ']</span>')) . '</a></span>';
347 return $ret;
348 }
349
350
351 /**
352 * Print the string with the new edit lock state of a page record
353 *
354 * @param Integer $page: The TYPO3 page id
355 * @param String $editlockstate: The state of the TYPO3 page (locked, unlocked)
356 * @return String The new edit lock string wrapped in HTML
357 */
358 protected function renderToggleEditLock($page, $editLockState) {
359 if ($editLockState === 1) {
360 $ret = '<a class="editlock" onclick="WebPermissions.toggleEditLock('.$page.', 1);" title="The page and all content is locked for editing by all non-Admin users.">' . t3lib_iconWorks::getSpriteIcon('status-warning-lock') . '</a>';
361 } else {
362 $ret = '<a class="editlock" onclick="WebPermissions.toggleEditLock('.$page.', 0);" title="Enable the &raquo;Admin-only&laquo; edit lock for this page">[+]</a>';
363 }
364 return $ret;
365 }
366
367
368 /**
369 * Print a set of permissions. Also used in index.php
370 *
371 * @param integer Permission integer (bits)
372 * @param Integer $page: The TYPO3 page id
373 * @param String $who: The scope (user, group or everybody)
374 * @return string HTML marked up x/* indications.
375 */
376 public function renderPermissions($int, $pageId = 0, $who = 'user') {
377 global $LANG;
378 $str = '';
379
380 $permissions = array(1,16,2,4,8);
381 foreach ($permissions as $permission) {
382 if ($int&$permission) {
383 $str .= t3lib_iconWorks::getSpriteIcon('status-status-permission-granted',array('tag'=>'a','title'=>$LANG->getLL($permission,1), 'onclick'=> 'WebPermissions.setPermissions('.$pageId.', '.$permission.', \'delete\', \''.$who.'\', '.$int.');'));
384 } else {
385 $str .= t3lib_iconWorks::getSpriteIcon('status-status-permission-denied',array('tag'=>'a','title'=>$LANG->getLL($permission,1),'onclick'=>'WebPermissions.setPermissions('.$pageId.', '.$permission.', \'add\', \''.$who.'\', '.$int.');'));
386 }
387 }
388 return '<span id="'.$pageId.'_'.$who.'">'.$str.'</span>';
389 }
390
391 }
392
393 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['typo3/mod/web/perm/class.sc_mod_web_perm_ajax.php'])) {
394 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['typo3/mod/web/perm/class.sc_mod_web_perm_ajax.php']);
395 }
396
397 ?>